WordPress.org

Forums

User Role Editor
Single user roles - any overview? (5 posts)

  1. Wlkus
    Member
    Posted 1 year ago #

    Our WP got recently hacked and one of problems was that attackers used URE to give all possible rights to subscriber level. I removed that but found out that you can give single user modified rights outside of general groups. Is there any general list of such modified users? I'm worried that hackers could hide some users with admin rights between hundreds of regular users. Only problem is, that I see only way how to check to go one by one manually. And we have lots of registered users.

    Or if you could point me to place in WP database, where are these personal modifications stored?

    Thanks!

    http://wordpress.org/plugins/user-role-editor/

  2. Vladimir Garagulya
    Member
    Plugin Author

    Posted 1 year ago #

    Hi,

    WordPress stores user capabilities with roles assigned to them together - at wp_usermeta db table. By default user have 1 role assigned. So with this query you may extract for checking the users who have more then 1 role or additional capabilities assigned:

    SELECT * FROM wp_usermeta where meta_key like 'wp_capabilities' and meta_value not like 'a:1:%';

    Regards,
    Vladimir.

  3. Wlkus
    Member
    Posted 1 year ago #

    Thank you, working nice and seems that there is no user with more than one role...

  4. Vladimir Garagulya
    Member
    Plugin Author

    Posted 1 year ago #

    Just to check that all is right and you don't get empty result due to invalid criteria value: 'wp_' is the default database prefix. If you changed it during WordPress installation you should changed at the like criteria too, e.g. 'b1_usermeta', 'b1_capabilities'.

  5. Wlkus
    Member
    Posted 1 year ago #

    No I didnt change prefix and also tested it by removing AND condition, so it listed all users :)

    Thanks again!

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • User Role Editor
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic

Tags

No tags yet.